german translation: http://wiki.skolelinux.de/HowTo/TestCDinstallation

How to test Debian Edu CD/DVDs with Qemu/kvm

There are three steps required to test the debian edu installation.

The first step can be done using HTTP, FTP or rsync. For repeated testing it is best to use rsync, as it will only transfer the changes between DVD versions instead of the entire DVD. The second step can either be done using a real machine, or in a virtual machine like qemu or vmware, and the last step is fairly straight forward.

Note when testing wheezy-test images: the first boot after installation will take some time until the login box shows up, as they only show up after the testsuite has run. Note that the testsuite will not for production installations (=just for wheezy-test, not when installing wheezy).

Fetching images

There are a few slightly different DVD/CD images being generated, the sarge and etch images are the ones indented for new releases, and the sarge-test and etch-test images are the ones with new packages to be tested before they are move into the DVD/CDs intended for a new release.

In these examples wheezy-test is used as the sample image. (You can replace that string (wheezy-test) with jessie-test or even squeeze-test.)

Using rsync

#
# multi arch wheezy-test dvd
#
rsync -avP ftp.skolelinux.org::cd-wheezy-test-usbstick/debian-edu-amd64-i386-BD-1.iso debian-edu-amd64-i386-BD-1.iso
#
# netinstall wheezy-test cd
#
rsync -avP ftp.skolelinux.org::cd-wheezy-test-amd64-i386-netinst/debian-edu-amd64-i386-NETINST-1.iso debian-edu-amd64-i386-NETINST-1.iso

Using HTTP and FTP

#
# http
#
wget http://ftp.skolelinux.org/cd-wheezy-test-usbstick/debian-edu-amd64-i386-BD-1.iso
#
# ftp
#
ncftp ftp ftp://ftp.skolelinux.org/cd-wheezy-test-dvd/debian-edu-amd64-i386-CUSTOM-1.iso

Recommended approach: virt-manager + KVM

sudo aptitude install kvm virt-manager libvirt-bin bridge-utils

Modify default subnet for skolelinux network

virsh net-edit default

Remove dhcp related settings. Example:

<network>
  <name>default</name>
  <uuid>b165be25-7ddf-6421-9b25-408419fa6665</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0' />
  <ip address='10.0.2.1' netmask='255.255.255.0'>
  </ip>
</network>

Create another internal network for LTSP.

sudo cp /etc/libvirt/qemu/networks/default.xml /etc/libvirt/qemu/networks/internal.xml
virsh net-edit internal

Example:

<network>
  <name>internal</name>
  <uuid>3f0302a7-dab5-5706-7ca4-72b5d37cb70a</uuid>
  <forward mode='nat'/>
  <bridge name='virbr1' stp='on' delay='0' />
  <ip address='192.168.0.1' netmask='255.255.255.0'>
  </ip>
</network>

Add yourself into libvirt group (addgroup <youruser> libvirt and restart the session), and then run virt-manager to get the friendly GUI to create KVM guest machines. Install the machine from the dvd-image.


Older approaches

Prepare a test machine

Preparing and booting a qemu machine

First, install a few extra packages. This part need to run as root. The kqemu part is to speed up the qemu execution.

sudo aptitude install qemu


sudo aptitude install kqemu-source kqemu-common
sudo module-assistant prepare
sudo module-assistant build kqemu-source
sudo module-assistant install kqemu-source
# or simply: sudo aptitude install kqemu-modules-2.6-686 kqemu-common

sudo modprobe kqemu && sudo sh -c 'echo kqemu >> /etc/modules'

Then create a 13 GiB virtual disk used to install into.

qemu-img create virtual-hda 13G

Doing the installation

Finally start the qemu instance first booting from the DVD image with 128 MiB of RAM, and next boot from the virtual hard drive.

qemu -m 128 -boot d -cdrom debian-edu-amd64-i386-DVD-1.iso -hda virtual-hda

This should be fairly straight forward. Note that a full disk on the machine hosting qemu will appear as failing hardware (broken disk) in qemu.

To enable manual partitioning and the barebone profile option, boot using "linux debian-edu-expert" on the first prompt. To get full manual control over the installation, boot using "expert" on the first prompt.

Running the Machine

After you complete the installation, the machine reboots. But to do this in qemu you basicaly run qemu again using a different boot device.

qemu -m 128 -boot c -cdrom debian-edu-amd64-i386-DVD-1.iso -hda virtual-hda

Don't forget to write bugs about new issues you discover.

To test an LTSP client on a installed thin client server, there is a script /usr/share/doc/ltsp-server/examples/qemu-ltsp that can be executed within the qemu instance to start a thin client as a virtual machine within the virtual machine.

Setting up a virtual qemu network

Tips on how to do that is available from How to use qemu Network

Test LTSP with two qemu instances

With help from etherboot qemu can do network pxe boots. In order to be able to boot LTSP that way the two qemu instances (one for the terminal-server and one for the thinclient) need to share a network. Qemu has multiple options to do that. The easiest is to use tcp-connections between the instances. For this to work one qemu needs to listen on tcp-sockets and the other one connects to it.

To get the terminal-server qemu provide two network interfaces and listen on tcp sockets, the following network options could be used:

.... -net nic,vlan=10 -net socket,listen=127.0.0.1:4242,vlan=10 -net nic,vlan=20 -net socket,listen=127.0.0.1:4243,vlan=20 

This make eth0 available on port 4242 and eth1 on port 4243.

For the thinclient to boot over network an etherboot image is needed. With the ROM-o-matic.net service they can be generated on the fly. To get an image go to http://rom-o-matic.net/etherboot/etherboot-5.4.3/contrib/rom-o-matic/ and select "ns8390:rtl8029 -- [0x10ec,0x8029]" if you use qemu, or "rtl8139:rtl8139 -- [0x10ec,0x8139]" if you prefer kvm. Choose NIC/ROM type". The easiest way to boot it, is to "ISO bootable image without legacy floppy emulation (.iso)" at "2. Choose ROM output format". Then click on "Get ROM" and save the iso image.

Qemu can then be booted like this:

qemu -cdrom <pathtotheiso> -boot d -m 256 -net nic -net socket,connect=127.0.0.1:4243

This qemu thinclient is a bit slow (no really, it's even slower :), so bring some time with you when you want to do this.

It took > 15 minutes to boot a LTSP client with qemu on a Thinkpad X60s with dual core T2400 processor.


Faster approach with KVM

A faster approach (at least when using kvm instead of qemu, but maybe also with qemu (not tested)) is to use a real Ethernet bridge interface on the host system.

sudo aptitude install kvm
sudo aptitude install bridge-utils
sudo modprobe dummy
sudo modprobe tun

For convenience you start 'dummy' and 'tun' kernel modules at system startup. Please run this once (and only once).

sudo sh -c 'echo dummy >> /etc/modules'
sudo sh -c 'echo tun >> /etc/modules'

Testing with a single bridge

You can use standard Debian ifupdown way by editing /etc/network/interfaces and adding the following lines:

auto dummy0
iface dummy0 inet static
        address 10.0.2.2
        netmask 255.255.254.0
        gateway 10.0.2.1

iface skolenet inet static
        address 10.0.2.1
        netmask 255.255.254.0
        broadcast 10.0.3.255
        network 10.0.2.0
        bridge_stp off
        bridge_fd 0
        bridge_ports dummy0

The bridge interface can be started by issuing a ifup skolenet in a root shell (sudo should work too).

/!\ Be sure that your system has no conflicting network configuration on an other interface!

You than need to adopt the helper script to choose the right bridge interface on kvm (qemu) start up. For this just create the file /usr/local/bin/skolenet-ipup with the following content (based on /etc/kvm/kvm-ifup):

 #!/bin/sh
 switch="skolenet"
 /sbin/ifconfig $1 0.0.0.0 up
 /usr/sbin/brctl addif ${switch} $1
 exit 0

This script should be executable, as it is called by kvm later.

For the terminal-server to use the bridge device configure the network interface like this:

.... -net nic,vlan=10 -net tap,script=/usr/local/bin/skolenet-ipup,vlan=10 ....

This adds eth0 (inside kvm) to the skolenet bridge on startup.

For the side of the thinclient, kvm would be started like that:

kvm -cdrom <pathtotheiso> -boot d -m 256 -net nic -net tap,script=/usr/local/bin/skolenet-ipup

Another speedup may be gained (not compared yet) to use -net nic,model=rtl8139 instead of -net nic on the thinclient side. But be warned, this requires a different etherboot image (for rtl8139).

/!\ As a bonus you may want to configure you system to nat the skolenet network into your real network connecting you to the internet and gain internet access (for updates or so) from your virtual test installs (see iptables and masquerade howtos on the internet). See http://www.linuxquestions.org/questions/linux-networking-3/kvm-qemu-and-nat-on-the-host-machine-mini-tutorial-697980/ for example.


Testing with Skolelinux Architecture (two bridges)

Setup of main-server, thin-client-server and thin-client for the Skolelinux Architecture

Preparations

/!\ Please add the modules dummy and tun if you've not done that earlier.

Add two bridges as virtual networks to /etc/network/interfaces:

auto dummy0
iface dummy0 inet static
        address 10.0.2.2
        netmask 255.255.254.0
        gateway 10.0.2.1

 iface br0 inet static
         address 10.0.2.1
         netmask 255.255.254.0
         broadcast 10.0.3.255
         network 10.0.2.0
         bridge_stp off
         bridge_fd 0
         bridge_ports dummy0

 iface br1 inet static
         address 192.168.0.1
         netmask 255.255.255.0
         broadcast 192.168.0.255
         network 192.168.0.0
         bridge_stp off
         bridge_fd 0
         bridge_ports none

Add kvm-scripts /usr/local/bin/br0-add and /usr/local/bin/br1-add with contents:

 #!/bin/sh
 switch="br0"
 /sbin/ifconfig $1 0.0.0.0 up
 /usr/sbin/brctl addif ${switch} $1
 exit 0

 #!/bin/sh
 switch="br1"
 /sbin/ifconfig $1 0.0.0.0 up
 /usr/sbin/brctl addif ${switch} $1
 exit 0

You might install main-server and a thin-client-server onto kvm disk-images as before. (Not tested: Install first the main-server and then the thin-client-server via the main-server over the br0-network).

You can install a combined main and thin client server:

Install and run combined server

First bring up all bridges:

 sudo ifup dummy0
 sudo ifup br0
 sudo ifup br1

Install the main + thin-client-server (this takes quite some time):

 sudo kvm -m 1024 -net nic,macaddr=52:54:00:12:34:10,vlan=10 \
                  -net tap,script=/usr/local/bin/br0-add,vlan=10 \
                  -net nic,macaddr=52:54:00:12:34:20,vlan=20 \
                  -net tap,script=/usr/local/bin/br1-add,vlan=20
                  -cdrom debian-edu-amd64-i386-DVD-1.iso -boot d Main_ThinClientServer.img

Run the main + thin-client-server:

 sudo kvm -m 1024 -net nic,macaddr=52:54:00:12:34:10,vlan=10 \
                  -net tap,script=/usr/local/bin/br0-add,vlan=10 \
                  -net nic,macaddr=52:54:00:12:34:20,vlan=20 \
                  -net tap,script=/usr/local/bin/br1-add,vlan=20
                  -cdrom debian-edu-amd64-i386-DVD-1.iso -boot c Main_ThinClientServer.img

Run thin client:

 sudo kvm -cdrom eb-5.4.3-rtl8139.iso -boot d -m 256 \
                  -net nic,macaddr=52:54:00:12:34:11 \
                  -net tap,script=/usr/local/bin/br0-add

/!\ If you gonna login to the thin client, please add the virtual machines macaddr to wlus and make a user.

/!\ Consult the GettingStarted-page for adding users and registering the thin-client-server as ltspserver00 (needed to log-in as normal user on a thin-client or thin-client-server).

/!\ When running more thin clients, please choose another 'macaddr'. E.g with 12 at the end instead of 11 and so on: 52:54:00:12:34:12 (52:54:00:12:34:13)

/!\ Depending on how you set up the images, your MAC-addresses might change, resulting in changes of interface names due to udev (eth0->eth1 etc.). In that case remove the entries in /etc/udev/rules.d/70-persistent-net.rules and reboot.

Fixme: Please add how to run diskless client

Running separate main and thin client server

First bring up all bridges:

 sudo ifup dummy0
 sudo ifup br0
 sudo ifup br1

Please install main server and thin client server on two different virtual machines, with separate disk images.

Now start the main-server:

 sudo kvm -m 1024 -net nic -net tap,script=/usr/local/bin/br0-add MainServer.img

Followed by the thin-client-server:

 sudo kvm -m 1024 -net nic,macaddr=52:54:00:12:34:10,vlan=10 \
       -net tap,script=/usr/local/bin/br0-add,vlan=10 \
       -net nic,macaddr=52:54:00:12:34:20,vlan=20 \
       -net tap,script=/usr/local/bin/br1-add,vlan=20 ThinClientServer.img

Finally, start a thin-client:

 sudo kvm -cdrom eb-5.4.3-rtl8139.iso -boot d -m 1024 \
       -net nic,macaddr=52:54:00:12:34:11 \
       -net tap,script=/usr/local/bin/br1-add

/!\ Depending on how you set up the images, your MAC-addresses might change, resulting in changes of interface names due to udev (eth0->eth1 etc.). In that case remove the entries in /etc/udev/rules.d/70-persistent-net.rules and reboot.

/!\ MAC-addresses must not conflict on a subnet, i.e. to start a second thin-client, use a different macaddr: -net nic,macaddr=52:54:00:12:34:12

/!\ Consult the GettingStarted-page for adding users and registering the thin-client-server as ltspserver00 (needed to log-in as normal user on a thin-client or thin-client-server).

Connect to the Internet

Finally, forward network traffic to the host-internet. Please run this command on your host (not on the virtual machines):

 sudo iptables -t nat -A POSTROUTING -s 10.0.2.1/255.255.254.0 \
        ! -d 10.0.2.1/255.255.254.0 -j MASQUERADE

 sudo sysctl net.ipv4.ip_forward=1


Script to run the machines

The topics above are summarized in this script which runs four instances of virtual machines:

 #!/bin/sh
 #########
 # skript to start skolenet
 ########## networking:
 if sudo iptables -t nat -L POSTROUTING -n | grep ^MASQUERADE | \
     awk '{print $4}' | cut -d/ -f1 | grep 10.0.2.0 >/dev/null
 then
     echo "Networking already set up"
 else
     echo "Setting up bridges"
     sudo ifup br0
     sudo ifup br1
     echo "Setting up IP masquerading"
     sudo iptables -t nat -A POSTROUTING -s 10.0.2.1/255.255.254.0 \
         ! -d 10.0.2.1/255.255.254.0 -j MASQUERADE
     sudo sysctl net.ipv4.ip_forward=1
 fi

 ##########
 # MainServer:
 sudo kvm -m 1024 -net nic \
      -net tap,script=/usr/local/bin/br0-add MainServer02.img &

 sleep 60
 #########
 # Diskless Workstation or Thin-Client:
 sudo kvm -cdrom eb-5.4.3-rtl8139.iso -boot d -m 1024 \
     -net nic,macaddr=52:54:00:12:34:12 \
     -net tap,script=/usr/local/bin/br0-add &

 # ThinClientServer:
 sudo kvm -m 1024 -net nic,macaddr=52:54:00:12:34:10,vlan=10 \
      -net tap,script=/usr/local/bin/br0-add,vlan=10 \
      -net nic,macaddr=52:54:00:12:34:20,vlan=20 \
      -net tap,script=/usr/local/bin/br1-add,vlan=20 ThinClientServer.img &

 sleep 60
 ##########
 # ThinClient:
 sudo kvm -cdrom eb-5.4.3-rtl8139.iso -boot d -m 1024 \
      -net nic,macaddr=52:54:00:12:34:11 \
      -net tap,script=/usr/local/bin/br1-add &

Four kvm instances running Skolelinux

TODO: get rid of sudo